Remarks 

I. Summary of Office Action

Claims 1-4 and 8-12 were pending in the application. 

Claim 11 was objected to because of an informality. 

Claims 1, 4, and 10-12 were rejected under 35 U.S.C. § 102(e) 
as being anticipated by Taylor et al. U.S. Patent No. 6,278,885 
(hereinafter "Taylor").

Claims 2-3 and 8-9 were rejected under 35 U.S.C. § 103(a) as 
being obvious from Taylor in view of Yadav U.S. Patent 
Publication No. 2003/0149887 (hereinafter "Yadav"). 

The Examiner's objections to and rejections of the claims are 
hereby addressed. 

II. Examiner Interview Summary

On October 1, 2010, the undersigned attorney for applicant 
held a telephonic interview with Examiner Khoshnoodi to discuss 
amendments to the claims proposed by the undersigned. During 
the interview, the Examiner indicated that the amendments to 
claims 1 and 4 submitted herewith overcame the novelty 
rejections of the claims pending in the Office Action. 

Applicants would like to thank the Examiner for the courtesies 
extended during the Examiner Interview. 

III. Summary of Applicants' Reply 

Applicants respectfully request consideration of this 
Supplemental Reply to supplement the applicants' previous Reply 
to Office Action filed on October 4, 2010. In this Supplemental 
Reply, applicants have further amended claims 1, 4 and 10 
besides the amendments presented in the Reply of
October 4, 2010. Specifically, applicants have removed the
phrase "extracted from the information about the server port" 
from line 20 of claim 1, and from lines 19-20 of claims 4 
and 10. These amendments serve to further clarify and more 
distinctly claim the subject matter of the invention. In this 
Supplemental Reply all the remaining amendments and contents 
other than the removal of the above-identified phrase are 
identical with those of the previously filed Reply to Office 
Action. Applicants respectfully request the Examiner to replace 
the Reply previously filed on October 4, 2010 with this 
Supplemental Reply, and consider this Supplemental Reply as a 
response to the Office Action of June 8, 2010. 

Applicants hereby amend claims 1, 4 and 10 to more 
particularly and clearly define applicants' claimed invention. 
Applicants hereby amend claim 11 to correct a grammatical error. 
No new matter has been added and the amendments are fully 
supported by the specification. Support for the amendments to 
the claims can be found, for example, in the originally filed 
claims; in FIG. 6, numerals 620 and 650; in FIG. 4, step S420, 
FIG. 7, steps S701, S703, S705+S709, and FIG. 8, steps S805 and 
S807; and at page 9, paragraphs 72-73. 

The Examiner's objections to and rejections of the claims are 
hereby addressed. 

IV. The Objection to Claim 11 

Claim 11 was objected to because of an informality. 

Applicants hereby amend claim 11 to correct a grammatical
error and properly indicate that a packet is allowed to bypass
the firewall "if the destination port has been registered". No
new matter has been added, and the amendment is fully supported
by the originally filed application.

In view of the foregoing, applicants respectfully request that
the objection be withdrawn.

V. The Prior-Art Rejections of the Claims 

Claims 1, 4, and 10-12 were rejected under 35 U.S.C. § 102(e) 
as being anticipated by Taylor. Claims 2-3 and 8-9 were 
rejected under 35 U.S.C. § 103(a) as being obvious from Taylor 
in view of Yadav. 

Independent claims 1, 4, and 10 are generally directed towards 
network security systems and methods for permitting trusted 
network communication programs to have server ports 
automatically registered in a firewall. The system stores a 
list of trusted programs (i.e., "permitted" programs registered 
in an "internal permitted program storage"), and allows a
firewall flexible device to automatically register server ports 
for the trusted programs in an internal permitted port storage. 
Once a port is registered, inbound packet traffic is allowed to 
bypass the firewall only if the destination port of a packet is 
a registered port. 

More specifically, an internal permitted program storage 
stores a list of programs permitted to have server ports 
registered by the firewall. When a network communication 
program uses a server port, a firewall flexible device 
determines whether the program is registered in the list of 
programs stored in the internal permitted program storage. If 
the program is registered in the list, an internal permitted 
port storage registers the server port. The firewall flexible 
device then blocks inbound packets whose destination ports are 
not registered in the port storage. 
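
The following sketch is an added illustration, not code from the application or from Taylor. It models the flow described above beside a static, administrator-configured port list of the kind this reply attributes to Taylor. The class names, the use of a file path as the program identity, and the sample events are assumptions made for the example.

```python
from dataclasses import dataclass, field

@dataclass
class StaticPortFilter:
    """Ports are fixed by an administrator; program identity is never consulted."""
    admin_ports: frozenset

    def allows_inbound(self, dst_port: int) -> bool:
        return dst_port in self.admin_ports

@dataclass
class ProgramGatedFilter:
    """Ports are registered automatically, but only for permitted programs."""
    permitted_programs: set                               # permitted program storage
    permitted_ports: dict = field(default_factory=dict)   # permitted port storage: port -> program

    def on_server_port(self, program: str, port: int) -> bool:
        """Called when a program starts using a server port."""
        if program not in self.permitted_programs:
            return False            # program not listed: port is not registered
        self.permitted_ports[port] = program
        return True

    def allows_inbound(self, dst_port: int) -> bool:
        # Inbound packets pass only if the destination port is registered.
        return dst_port in self.permitted_ports

# Constructed sample data (hypothetical program paths and ports).
PERMITTED = {"/opt/chat/chatd"}
LISTEN_EVENTS = [
    ("/opt/chat/chatd", 5190),    # permitted program, well-known port
    ("/opt/chat/chatd", 51000),   # permitted program, dynamically chosen port
    ("/tmp/unknown", 8080),       # unlisted program on a port the admin opened
]
ADMIN_PORTS = frozenset({5190, 8080})
INBOUND_DST_PORTS = [5190, 51000, 8080]

def compare():
    """Return registration results and per-port verdicts for both models."""
    gated = ProgramGatedFilter(set(PERMITTED))
    static = StaticPortFilter(ADMIN_PORTS)
    registered = [gated.on_server_port(prog, port) for prog, port in LISTEN_EVENTS]
    gated_verdicts = {p: gated.allows_inbound(p) for p in INBOUND_DST_PORTS}
    static_verdicts = {p: static.allows_inbound(p) for p in INBOUND_DST_PORTS}
    return registered, gated_verdicts, static_verdicts

if __name__ == "__main__":
    print(compare())
```

The two models disagree on ports 51000 and 8080: the static list cannot follow a permitted program to a new port, and it admits traffic to an opened port regardless of which program is listening there.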

Taylor describes a system and method for network access
control using adaptive proxies. A system administrator manually
specifies which server ports are to be registered in a
configuration information file (col. 6, lines 4-12). When a
connection control packet is received, a dynamic packet filter 
module (DPF) determines whether the port on which the packet was 
received is registered, and transfers information about the 
packet to a proxy only if the port is a registered port (col. 5, 
line 39, through col. 6, line 25). When a data packet is 
received, the packet is either sent to its destination if the 
packet belongs to an existing connection, or is processed 
through a transparency filter if the packet belongs to a new 
connection (col. 12, lines 20-39). 

The Office Action alleges that Taylor fully anticipates 
applicants' claimed invention. Applicants respectfully disagree 
for at least the following three reasons: 

Firstly, applicants submit that Taylor in no way shows or 
suggests the claimed "internal permitted program storage for 
storing a list of programs permitted to have server ports 
registered by the firewall", as required by amended claims 1, 4, 
and 10. Indeed, the operation of the firewall of Taylor is in 
no way concerned with the identity of programs seeking to 
communicate through the firewall. As a result, Taylor does not 
teach or otherwise suggest an internal permitted program 
storage, or any other means for storing a list of programs
permitted to have server ports registered by the firewall. 

Secondly, applicants submit that Taylor in no way teaches "a
firewall flexible device" or other device "for determining
whether the network communication program [seeking to use a
server port] is registered in the list of programs stored in the
internal permitted program storage". Applicants' "firewall 
flexible device" of amended claim 1 both determines whether a 
communication program is registered in an internal permitted 
program storage (see claim 1, limitation starting with "a 
firewall flexible device..."), and determines whether a 
destination port of a packet has been registered in an internal 
permitted port storage (see claim 1, limitation starting with 
"wherein the firewall flexible device..."). While Taylor 
teaches a dynamic packet filter (DPF, 207) which determines 
whether a port on which a packet was received is registered in a 
configuration information file (col. 5, line 66, through col. 6, 
line 6), the DPF of Taylor is in no way concerned with the 
identity of programs seeking to communicate through a firewall, 
and fails to teach or otherwise suggest the claimed firewall 
flexible device for determining whether the network 
communication program is registered.

Finally, applicants submit that Taylor in no way shows or
suggests "an internal permitted port storage" or other device
for "registering the extracted information about the server port
if [...] the network communication program [using the port] is
registered in the list of programs stored in the internal
permitted program storage", as required by amended claims 1, 4
and 10. At best, applicants submit that Taylor teaches a
configuration information file storing information on which
ports are registered (col. 6, lines 44-45). The configuration
information file taught by Taylor, however, only stores ports if
"the system administrator specifies [...] the ports [...] in the
configuration file" (col. 6, lines 4-6). In particular, the
configuration information file of Taylor is in no way described
as registering ports based on the identity of particular
programs using the ports, much less based on the identity of
programs listed in an internal permitted program storage. 

For at least the reasons that Taylor fails to teach or suggest 
an internal permitted program storage, a firewall flexible 
device, or an internal permitted port storage in accordance with 
amended claim 1, applicants submit that claim 1 is novel and 
non-obvious. For at least the reasons that Taylor fails to 
teach or suggest storing a list of programs permitted to have 
server ports registered, determining whether a network 
communication program is registered in a stored list of 
programs, and registering information about a port if a 
particular program is registered in the program list, applicants 
submit that amended claims 4 and 10 are novel and non-obvious. 
Claims 2-3, 8, 9, 11, and 12, which each depend from one of 
claims 1 and 4, are novel at least because they depend from 
allowable claims. In view of the foregoing, applicants 
respectfully request that the rejection of claims 1-4 and 8-12 
be withdrawn. 

VI. Conclusion

The foregoing demonstrates that claims 1-4 and 8-12 are 
allowable. This application is therefore in condition for 
allowance. Reconsideration and allowance are accordingly 
respectfully requested. 



Respectfully submitted,



Date: October 25, 2010 By: /Jae Y. Park/

JAE Y. PARK
Reg. No.: 62,629
Attorney for applicants

Kile, Park, Goekjian, Reed & McManus, PLLC
1200 New Hampshire Avenue NW, Suite 570
Washington, DC 20036
Tel. No.: 202-263-0809